Skip to main content

Inappropriate coding practices - Unnecessary imports

Description

The application imports modules that are not used. This is a bad practice because it loads modules that will not be used, and doing so unnecessarily increases the load.

Impact

  • Load functions and procedures that will not be used.
  • Cause suboptimal performance of the application.

Recommendation

Import only the modules necessary for the correct functionality of the application.

Threat

Authorized attacker from the Internet with access to the application.

Score

Default score using CVSS 3.1. It may change depending on the context of the vulnerability.

Base

  • Attack vector: N
  • Attack complexity: H
  • Privileges required: L
  • User interaction: N
  • Scope: U
  • Confidentiality: N
  • Integrity: N
  • Availability: L

Temporal

  • Exploit code madurity: U
  • Remediation level: X
  • Report confidence: R

Result

  • Vector string: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:X/RC:R
  • Score:
    • Base: 3.1
    • Temporal: 2.8
  • Severity:
    • Base: Low
    • Temporal: Low

Details

https://rules.sonarsource.com/javascript/RSPEC-1128

Requirements